kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code

It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this flaw to escalate their privileges by tricking the hypervisor to emulate a SYSENTER instruction in 16-bit mode, if the guest OS did not initialize the...

SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

Microsoft Windows Hyper-V Remote Code Execution Vulnerability (3072000)

This host is missing a critical security update according to Microsoft Bulletin MS15-068. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS15-068: Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution (3072000)

The remote Windows host is affected by multiple remote code execution vulnerabilities in Hyper-V : - An error exists in how Hyper-V handles packet size memory initialization in guest virtual machines. An authenticated attacker with access to a guest virtual machine can exploit this by running a...

freexl -- integer overflow

Stefan Cornelius reports: There's an integer overflow in the allocatecells function when trying to allocate the memory for worksheet with specially crafted row/column dimensions. This can be exploited to cause a heap memory corruption. The most likely outcome of this is a crash when trying to...

Microsoft Internet Explorer Memory Corruption (MS15-056: CVE-2015-1750)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

kernel security and bug fix update

kernel 2.6.18-406.0.0.0.1 - netfront fix ring buffer index go back led vif stop orabug 18272251 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add...

Nessus Product Information

Set up Nessus product information to help facilitate some plugins to detect what platform they are running on. TRUSTED...

chromium-browser: Uninitialized value in PDFium.

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

Google Chrome PDFium Code Injection Vulnerability

Google Chrome is the United States Google Google company developed a Web browser. PDFium is one of the open source PDF rendering engine. Google Chrome PDFium has a security vulnerability. Due to the program failed to properly initialize memory. A remote attacker can exploit the vulnerability to...

CVE-2015-1259

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

UBUNTU-CVE-2015-1259

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

Design/Logic Flaw

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2015-1262

Removed by vendor...

CVE-2015-1259

Removed by vendor...

CVE-2015-1259

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2015-1259

The CVE-2015-1259 entry is confirmed in connected sources as a PDFium memory initialization issue in Google Chrome/Chromium prior to 43.0.2357.65. The root cause is an uninitialized memory condition in the PDFium component, which can allow a remote attacker to cause a denial of service or potenti...

SUSE SLES10 Security Update : Xen (SUSE-SU-2015:0744-1)

The Virtualization service XEN was updated to fix various bugs and security issues. The following security issues have been fixed : XSA-125: Long latency MMIO mapping operations were not preemptible. CVE-2015-2151: XSA-123: Instructions with register operands ignored eventual segment overrides...

SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

! metasploit exploit module development tutorial! - Vulnerability warning-the black bar safety net

How to write a Metasploit POST-development module ! Metasploit currently has a about a 1 5 0 a exploit module. Most of the exploits using the module are through the Windows, Solaris and Cisco these platforms were collected. At the same time, Metasploit can also for these modules on the line...